summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRenato Botelho <renato@netgate.com>2015-07-18 13:26:17 -0300
committerRenato Botelho <renato@netgate.com>2015-07-18 13:26:17 -0300
commit2d6713ef46889bbf53a6b036f14e12eb6d005d8c (patch)
tree51675cc4b08ac8c09896617207ae93e0de8eb1de
parentc4f9f44941b2f898220f064a29072166a1d27c0a (diff)
parent8e16582894937ea62c3d300a563e62acd70aa7b3 (diff)
downloadpfsense-2d6713ef46889bbf53a6b036f14e12eb6d005d8c.zip
pfsense-2d6713ef46889bbf53a6b036f14e12eb6d005d8c.tar.gz
Merge pull request #1762 from doktornotor/patch-3
-rw-r--r--etc/inc/filter.inc8
1 files changed, 4 insertions, 4 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 6a8e4c1..2a2998c 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -2877,10 +2877,10 @@ pass in {$log['pass']} quick inet6 proto ipv6-icmp from ff02::/16 to fe80::/10 i
pass in {$log['pass']} quick inet6 proto ipv6-icmp from fe80::/10 to ff02::/16 icmp6-type {128,133,134,135,136} tracker {$increment_tracker($tracker)} keep state
# We use the mighty pf, we cannot be fooled.
-block {$log['block']} quick inet proto { tcp, udp } from any port = 0 to any tracker {$increment_tracker($tracker)}
-block {$log['block']} quick inet proto { tcp, udp } from any to any port = 0 tracker {$increment_tracker($tracker)}
-block {$log['block']} quick inet6 proto { tcp, udp } from any port = 0 to any tracker {$increment_tracker($tracker)}
-block {$log['block']} quick inet6 proto { tcp, udp } from any to any port = 0 tracker {$increment_tracker($tracker)}
+block {$log['block']} quick inet proto { tcp, udp } from any port = 0 to any tracker {$increment_tracker($tracker)} label "Block traffic from port 0"
+block {$log['block']} quick inet proto { tcp, udp } from any to any port = 0 tracker {$increment_tracker($tracker)} label "Block traffic to port 0"
+block {$log['block']} quick inet6 proto { tcp, udp } from any port = 0 to any tracker {$increment_tracker($tracker)} label "Block traffic from port 0"
+block {$log['block']} quick inet6 proto { tcp, udp } from any to any port = 0 tracker {$increment_tracker($tracker)} label "Block traffic to port 0"
# Snort package
block {$log['block']} quick from <snort2c> to any tracker {$increment_tracker($tracker)} label "Block snort2c hosts"
OpenPOWER on IntegriCloud